Forum Stats

  • 3,826,348 Users
  • 2,260,631 Discussions


Java Card API reference - technical consultation

3227203 Member Posts: 2
edited May 11, 2016 12:26PM in Java Card

We have one question for Java Card API parameter defining:

There is one parameter "externalAccess" in the interface getInstance(byte algorithm, boolean externalAccess) definition,and just the meaning of value "true" is defined, but the meaning of "FALSE" is not defined explicitly.

And we want to double check with you the what is the meaning of "FALSE" for parameter "externalAccess"?

Does it mean "false indicates that the instance will not be shared among multiple applet instances and that the Signature instance will also not be accessed (via a Shareable interface) when the owner of the Signature instance is not the currently selected applet. If false the implementation could allocate CLEAR_ON_DESELECT transient space for internal data." ?



  • patrick.vh-Oracle
    patrick.vh-Oracle Member Posts: 18 Employee
    edited May 11, 2016 12:26PM

    The 'externalAccess' parameter is provided by the application to get a Signature object instance matching the foreseen use of it as well as giving a chance to the implementation to select the most appropriate and optimized working memory area.

    In particular, if the application plans to share the Signature object, it must set 'externalAccess' to true and the created instance will implement the Shareable interface and won't use 'CLEAR_ON_DESELECT' transient memory to make sure that the signature object can be used by another application even if the owning application is not selected. These are requirements for the implementation.

    On the other hand, if set to false, the implementation may instantiate a Signature object that cannot be shared and that could also internally use transient memory allocated only when the application is selected ('CLEAR_ON_DESELECT') rather than using 'CLEAR_ON_RESET' transient memory that would unnecessarily occupies RAM even when the application is not selected.

    But this is more an implementation choice with no impact on the application (assuming it indeed doesn't try to share the object), and since other optimization strategies and techniques might be used by an implementation, it is not described in the specification as a requirement for the implementation.

    hope it clarifies.

This discussion has been closed.